Initially reported as a "lucky" Arbitrum airdrop recipient, one crypto address appears to have actually scammed out over 600 different crypto wallets for more than 930,000 ARB tokens.
Blockchain intelligence firm Arkham confirmed with Decrypt that they too have identified that the address “belongs to a hacker who is sweeping funds from Arbitrum users.”
A closer look at the specific address's transactions reveals that it received 933,365 ARB tokens from a different Arbitrum address on March 24, a day after the layer-2 network’s highly-anticipated airdrop. ARB is the native governance token behind the layer-2 scaling solution for Ethereum called Arbitrum.
Transfer of 933,365 ARB tokens on-chain. Source: Arbiscan.
The source of those tokens is another contract whose creator is tagged as “Fake_Phishing18” on Arbitrum’s blockchain explorer.
Independent on-chain researcher 0xKnight also confirmed that he found victimreports of the hack. Users complained that their ARB tokens had been “auto-claimed” to the hacker's wallets.
Ethereum smart contract developer Brainsy signaled the malicious contract created by “Fake_Phishing18” on March 24 as well. They said that interacting with the contract creates an additional transaction request that appears as if it’s from the sender's wallet but instead is a phishing attack.
Watch out for this fake Arbitrum contract out there.
When I make a send the fake contract also makes a "transaction" that appears like its from my wallet. I assume to get me to interact with the contract. Stay safe out there. pic.twitter.com/ygGOddlTGU
MetaMask has warned against this sort of attack and termed it “address poisoning.”
It is an attempt where attackers poison the address list of users’ wallets by sending arbitrary transactions from addresses that closely resemble those with which the user has already interacted.
In this case, the attacker appears to have used both a phishing attack through a malicious smart contract and address poisoning, with Brainsy indicating that it makes the transaction look “like it's from [the users'] wallet.”
The image below shows that the “Fake_Phishing18” tagged account created the contract for the fake ARB tokens and then transferred ownership to “Fake_Phishing47.”
Contract details for fake ARB tokens. Source: Arbiscan
The same entity may have created a fake Aribtrum claiming site that if users interacted with the website, it would give the hacker control over the user’s wallets.
For instance, there was at least one identical webpage to the Arbitrum Foundation’s claim website circulating in some social media groups on the day of the airdrop.
The fake website claimed ARB tokens on the user’s behalf and transferred them to their wallets. The only subtle difference between them is that the original website has a countdown for when the claiming process will end.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
The Bank of Korea is considering linking its deposit tokens to a public blockchain, a move that would position its state-backed digital currency alongside private-sector stablecoins operating on open networks.
The tokens will be “a type of stablecoin issued within the digital currency system built and operated by the Bank of Korea,” the bank’s Deputy Governor Lee Jong-ryeol said in a statement Decrypt has confirmed with local sources.
"We are considering a direction in which it will coexist with...
Professor Andrew Urquhart is Professor of Finance and Financial Technology and Head of the Department of Finance at Birmingham Business School (BBS).
This is the sixth instalment of the Professor Coin column, in which I bring important insights from published academic literature on cryptocurrencies to the Decrypt readership. In this article, we’ll investigate cryptocurrency derivatives.
Bitcoin has gone from being an obscure digital asset traded by blockchain enthusiasts to one of the most trade...
Bitcoin (BTC) may be gaining momentum globally, but in Australia, it’s also attracting political ire.
On May 23, Senator Gerard Rennick dismissed Bitcoin as a “Ponzi scheme,” sparking immediate backlash from crypto industry groups and users alike.
“Bitcoin will ultimately go to a $1 million dollars. Why? Because it’s a Ponzi scheme whereby BlackRock will pump more and more dollars into a supply-constrained product,” Rennick tweeted in response to a user who sarcastically asked for his “special c...